What is data in vicinity?
Data in the presence of a smartphone:
• Audio picked up by
the microphones
• Visual data picked up
by the cameras
How do threat actors capture it?
Using advanced spyware that hijacks cameras
and microphones. Social engineering by SMS . Malware infection .
What can it potentially reveal? Unfiltered and timely information !
Smartphone surveillance has opened up an entirely new avenue of exposure for high-value enterprise information, forcing many security professionals to rethink how they see data. A different class of data, known as data in vicinity, encompasses this new way of thinking. Joining the three established types of data (data at rest, data in transit and data in use), data in vicinity refers to the data in the presence of a smartphone or other data-capturing, internet-connected device. This includes any audio that can be picked up by the device’s microphones—such as conversations and environmental noise—as well as any visual data that can be picked up by the cameras, such as images of people and spaces.
Contact us for additional information at team@digitalbank.capital or visit our website https://www.digitalbank.capital/
What To Do
Thankfully, technology companies have started developing products and features that provide protections against the illicit capture of smartphone data in vicinity. To combat this emerging threat, organizations should take the following steps:
Educate employees about the real-world risks of discussing or displaying high-value information in the presence of an unprotected smartphone.
Leverage operating system tools for restricting camera/microphone access. The latest version of Android (9.0), for example, prevents idle apps from using the device’s sensors.
Utilize your mobile device management or enterprise mobility management tools to establish policies for camera/microphone usage, such as restricting access within high-risk buildings.
Use your mobile threat defense tools to detect risky or malicious app behaviors such as unwarranted camera/microphone access.
Invest in privacy-centric mobile hardware. Some niche smartphone models offer a button or switch that disconnects power from the camera and microphones. For a popular platform such as the iPhone, anti-surveillance smartphone cases are capable of masking surrounding audio and blocking cameras while ensuring adherence to existing policies.
As threat actors continue to look for new ways of capturing and leveraging smartphone data in vicinity, enterprises must learn to adapt to this new threat vector. Through awareness and vigilance, organizations large and small can mitigate the risks of their most valuable information falling into the wrong hands.